Mobile operators have invested billions in LTE networks, while security breaches and service disruptions have risen and exposed the new vulnerabilities of this all-IP network and risk the high service standards and reputation so carefully constructed. Since it costs far less for a hacker to attack a mobile network than for an operator to protect against every foreseeable threat, operator must balance business risk against infrastructure investment and rightfully demand fact-based analysis of the options. How can an operator realistically weigh the business value of deploying a new security element in such a rapidly changing and uncertain environment?
This brief from Stoke provides a methodology with illustrative examples for quantifying the risk vs. the cost of securing the S1. The brief combines groundbreaking research from Ponemon Institute, with data from well publicized LTE incidents and applies them to a representative operator scenario to estimate the financial impact of a security breach and network outage.
9892124323 | Book Call Girls in Juhu and escort services 24x7
IPsec secure backhaul worth 10X less than security risks
1. INDUSTRY INSIGHTS
Protect the S1 - Worth 10X the
Investment
Risks Outweigh the Costs
Using accepted breach and
outage costs, compared to LTE
investments, the risk is up to
10X greater than the LTE S1
Investment.
Representative Operator
60M Subscribers
$1.4B LTE investment
$64M S1 protection capex
One-Time Malicious Breach
1.8M subs impacted (3%)
$159 per sub
$286M- one malicious breach
18 Hour Service Disruption
60M subs impacted
$0.33/sub/hour
$356M for 18 hours
Capex vs. Risk
One malicious breach + one
18-hour service outage
$646M – business risk
$64M S1 protection capex
Is IPsec secure backhaul worth the cost?
As mobile operators invest billions in LTE networks, the rise of security breaches
and service disruptions have exposed the new vulnerabilities of this all-IP network
and risk the high service standards and reputation so carefully constructed. One
can never have enough security and it costs far less for a hacker to attack a
mobile network than for an operator to protect against every foreseeable threat.
Operator must balance business risk against infrastructure investment and
rightfully demand fact-based analysis of the options.
In early LTE deployments operators debated whether or not to secure the RAN-Core
with a security gateway, if the backhaul was considered “trusted”. Today,
however, operators planning or launching LTE are intuitively convinced of the
necessity for the IPsec encryption that a security gateway enables, but still require
a more rigorous, quantified rationale.
How can an operator realistically weigh the business value of deploying a new
security element in such a rapidly changing environment?
This brief applies groundbreaking research from Ponemon Institute with actual
operator statistics to a representative operator scenario to determine that the cost
of security the backhaul (S1) is orders or magnitude less than even a single breach
or major service disruption.
Five LTE Network Domains Require Security
The RAN-Core (S1) interface is one of five LTE network domains that operators
must protect. Each of these five domains has unique vulnerabilities and requires
different protection mechanisms. Any security event that directly impacts
subscribers - records, private live communications, or service availability, will have
similar financial consequences to the mobile operator regardless from which
domain it was originated.